#!/bin/bash

#Get The local IP Witch will be sent to the radius server
localIP=$(hostname -i)

cd /root
wget http://build.openvpn.net/downloads/releases/openvpn-2.2.0.tar.gz
wget https://github.com/downloads/jjo/openvpn-ipv6/openvpn-2.2.0-ipv6-0.4.16.patch.gz --no-check-certificate
tar -zxvf openvpn-2.2.0.tar.gz 
gzip -d openvpn-2.2.0-ipv6-0.4.16.patch.gz
yum -y install patch gcc lzo-devel openssl-devel make gcc-c++ libgcrypt-devel iptables
patch -p0 < openvpn-2.2.0-ipv6-0.4.16.patch
cd /root/openvpn-2.2.0
./configure
make 
make install
mkdir /etc/openvpn
cd /etc/openvpn/
#Get config files
wget http://some-file.googlecode.com/git/ca.crt
wget http://some-file.googlecode.com/git/ca.key
wget http://some-file.googlecode.com/git/ta.key
wget http://some-file.googlecode.com/git/dh1024.pem
wget http://some-file.googlecode.com/git/eduvpn.crt
wget http://some-file.googlecode.com/git/eduvpn.key
wget http://some-file.googlecode.com/git/radiusplugin4.cnf
wget http://some-file.googlecode.com/git/radiusplugin6.cnf
wget http://some-file.googlecode.com/git/server4.conf
wget http://some-file.googlecode.com/git/server6.conf

cp /root/openvpn-2.2.0/sample-scripts/openvpn.init /etc/init.d/openvpn
mkdir /var/log/openvpn
chkconfig openvpn on
cd ~
wget http://www.nongnu.org/radiusplugin/radiusplugin_v2.1a_beta1.tar.gz 
tar -zxvf radiusplugin_v2.1a_beta1.tar.gz 
cd /root/radiusplugin_v2.1a_beta1
#replace the AcctScheduler.cpp
rm -rf AcctScheduler.cpp
wget http://some-file.googlecode.com/git/AcctScheduler.cpp
make
cp /root/radiusplugin_v2.1a_beta1/radiusplugin.so /etc/openvpn/
cd /etc/openvpn/
# Define the ip whitch should be send to the radius server
sed -i "s/NAS-IP-Address=127.0.0.1/NAS-IP-Address=$localIP/g" /etc/openvpn/radiusplugin4.cnf
sed -i "s/NAS-IP-Address=127.0.0.1/NAS-IP-Address=$localIP/g" /etc/openvpn/radiusplugin6.cnf
sed -i "s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g" /etc/sysctl.conf
sysctl -p
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.9.0.0/24 -o eth0 -j MASQUERADE
echo "You also have to update the client configration file to allow the new client to connct"